HP Security Research OSINT (Open Source Intelligence) articles of interest - May 05, 2014

Key Articles of Interest


Netwars - A fact-based 5 part interactive web series
“netwars / out of CTRL” is a fact-based TV documentary, interactive web documentary, TV movie and graphic novel app exploring the impending threat of cyberwarfare. We want you to know what’s happening, to get a sense for the threats and an attitude of self-defense. We want your personal attention, we do not want your personal data. But still, your data is everywhere.

Uroburos - Highly complex espionage software with Russian roots
G Data Security experts have analyzed a very complex and sophisticated piece of malware, designed to steal confidential data. G Data refers to it as Uroburos, in correspondence with a string found in the malware’s code and following an ancient symbol depicting a serpent or dragon eating its own tail.

MOBILE THREAT REPORT Q1 2014
Mobile malware development in Q1 2014 continues to focus exclusively on the Android platform, continuing the inexorable trend we’ve seen in the last couple years. Of all the mobile app samples we collected during this period, almost 14% were malicious Android apps (with the rest being determined as PUAs or clean). A report by F-Secure.

 

Keeping Internet Users in the know...Data Privacy Transparency of Canadian ISPs
In the wake of the Snowden revelations about NSA surveillance, recent calls for greater data privacy recommend that internet service providers (ISPs) be more forthcoming about their handling of our personal information. Responding to this concern as well as in keeping with the transparency, openness and accountability principles fundamental to Canadian privacy law, this report evaluates the data privacy transparency of twenty of the most prominent ISPs (aka carriers) currently serving the Canadian public.

 

Analyzing Forged SSL Certificates in the Wild
Abstract—The SSL man-in-the-middle attack uses forged SSL certificates to intercept encrypted connections between clients and servers. However, due to a lack of reliable indicators, it is still unclear how commonplace these attacks occur in the wild. In this work, we have designed and implemented a method to detect the occurrence of SSL man-in-the-middle attack on a top global website, Facebook. Over 3 million real-world SSL connections to this website were analyzed.

 

White House outlines big data opportunities, dangers 
The lengthy deep-dive concludes with six actionable policy recommendations to both encourage and protect innovation in the public and private sectors.

 

RedSocks - Malware Trend Report, Q1 2014
In this report we will look at data collected during the 1st quarter of 2014. RedSocks analyses high amounts of new malicious files on a daily basis, therefore we can only cover a few topics briefly in this trend report.

Targeted Attacks, Stolen Certificates, and the Shiqiang Gang
The trend of attackers using stolen digital certificates to disguise their malicious executables is on the rise. The Shiqiang group is known to employ spear-phishing attacks against nongovernmental organizations along with a history of using stolen digital certificates in their campaigns.

 

Hacks! An investigation into aimbot dealers, wallhack users, and the million-dollar business of vide...
Zero is a customer service representative for one of the biggest video game cheat providers in the world. To him, at first, I was just another customer. He told me that the site earns approximately $1.25 million a year, which is how it can afford customer service representatives like him to answer questions over TeamSpeak. His estimate is based on the number of paying users online at any given time, the majority of whom, like me, paid for cheats for one game at $10.95 a month. Some pay more for a premium package with cheats for multiple games.

 

McAfee - Cybercrime ‘Highlights’ of First Quarter 2014
Timeline of leading cybercrime events that made news in the first quarter of 2014.

 

Xerox Printer Beacons and the Importance of Documentation
While conducting some research, we happened to notice a rather odd domain name that a particular server was beaconing out to. The domain in question was xeroxdiscoverysupernode3.com. Initially, we figured that the domain could be malware or phishing related as the likelihood of Xerox Corporation using such a long domain was relatively low.

 

STFU NOOB! Predicting Crowdsourced Decisions on Toxic Behavior in Online Games
One problem facing players of competitive games is negative, or toxic, behavior. League of Legends, the largest eSport game, uses a crowdsourcing platform called the Tribunal to judge whether a reported toxic player should be punished or not. The Tribunal is a two stage system requiring reports from those players that directly observe toxic behavior, and human experts that review aggregated reports. While this system has successfully dealt with the vague nature of toxic behavior by majority rules based on many votes, it naturally requires tremendous cost, time, and human efforts.
